The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-03-26T05:00:00
Updated: 2024-08-08T03:34:54.964Z
Reserved: 2005-03-26T00:00:00
Link: CVE-2002-1623
Vulnrichment
No data.
NVD
Status : Modified
Published: 2002-12-31T05:00:00.000
Modified: 2024-11-20T23:41:44.770
Link: CVE-2002-1623
Redhat
No data.